0825899886cc4c0f9ed52bdb0093f2ccbb7089c235f3c8a31dfcea150d680df0 | Triage

Sharing

General

Target

39322fe542daa2882e06670ab868ef57_JaffaCakes118
Size

52KB
Sample

240711-p469faxbjl
MD5

39322fe542daa2882e06670ab868ef57
SHA1

976d3e4e82030a43e5340fae59c24cf858f5e5d4
SHA256

0825899886cc4c0f9ed52bdb0093f2ccbb7089c235f3c8a31dfcea150d680df0
SHA512

303dd5058680dde50b49e3327330c8071b5d1ef6f643abf74df1bb4ae70d0989264e03696c31e90d123e53222db2ef2077a1204ab590eb54b750256341d5831d
SSDEEP

768:hqbr9qIkRDzm5huP/VO56CXlMhnaT37ahzc+RfG9TkbiFW89PQdLchy:hqsRD658VO5PV0ajGh4gG9TCiT++y

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  39322fe542daa2882e06670ab868ef57_JaffaCakes118
- Size
  
  52KB
- MD5
  
  39322fe542daa2882e06670ab868ef57
- SHA1
  
  976d3e4e82030a43e5340fae59c24cf858f5e5d4
- SHA256
  
  0825899886cc4c0f9ed52bdb0093f2ccbb7089c235f3c8a31dfcea150d680df0
- SHA512
  
  303dd5058680dde50b49e3327330c8071b5d1ef6f643abf74df1bb4ae70d0989264e03696c31e90d123e53222db2ef2077a1204ab590eb54b750256341d5831d
- SSDEEP
  
  768:hqbr9qIkRDzm5huP/VO56CXlMhnaT37ahzc+RfG9TkbiFW89PQdLchy:hqsRD658VO5PV0ajGh4gG9TCiT++y
Score

8^/10

persistence
- Drops file in Drivers directory
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2